CVE-2014-6276 - CERT CVE
ID CVE-2014-6276
Sažetak schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details.
Reference
CVSS
Base: 4.0
Impact: 2.9
Exploitability:8.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:L/Au:S/C:P/I:N/A:N
Zadnje važnije ažuriranje 20-04-2016 - 17:24
Objavljeno 13-04-2016 - 14:59